First published: Fri Apr 19 2024(Updated: )
When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.
Credit: sirt@brocade.com
Affected Software | Affected Version | How to fix |
---|---|---|
Broadcom Brocade SANnav | <2.3.1<=2.3.0a | |
Brocade SANnav | <2.3.0a |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2024-29957 is considered critical due to potential exposure of encryption keys.
To fix CVE-2024-29957, upgrade Brocade SANnav to version 2.3.1 or later.
Brocade SANnav versions before 2.3.1 and 2.3.0a are affected by CVE-2024-29957.
CVE-2024-29957 poses a risk to data security by potentially allowing unauthorized access to encryption keys.
There is no official workaround for CVE-2024-29957; updating to the latest version is recommended.